Career Opportunities in an Indigenous Financial Institution

PricewaterhouseCooper (PwC) Nigeria – Our client is the largest indigenous financial institution in Ghana and is focused on breaking new frontiers and setting higher standards to enable technological innovations drive improved services.

They are recruiting to fill the position below:

Job Title: Security Compliance Manager

Reference Number: 130-PEO01135
Location: Nigeria
Department: People & Change Nigeria
Job type: Permanent

Roles & Responsibilities

• Actively support in the development, implementation and review of Information security policies, procedures and standards across the organisation
• Monitor the organisation’s compliance with security policies, standards, guidelines and procedures across the organisation in line with international standards such as ISO 27001, PCI-DSS, SWIFT CSP as well as the Organisation of Ghana cyber security directives
• Develop and maintain a framework to track the organisation’s compliance with controls in line with BOG Cyber Security Directive and SWIFT CSP
• Develop and maintain a framework to track the organisation’s compliance with controls in line ISO 27001 and PCI-DSS standards
• Responsible for leading all internal and external cyber security audits on behalf of the organisation
• Evaluate and propose updates to new and existing policies, standards and procedures to ensure continuous compliance with ISO 27001, PCI-DSS and other international standards
• Track the effectiveness of the organisation’s enterprise Information security awareness program
• Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements
• Provide information security expertise with regards the organisation’s disaster recovery and business continuity programs
• Liaise with other stakeholders to ensure the periodic testing of disaster recovery and business continuity plans
• Stay abreast of regulatory changes and access its impact on Organisation’s Cyber and Information security program.

Requirements

• A minimum of a degree in Computer Science / Engineering , Information Technology, Electrical Engineering or a related field from a recognised University
• Professional Certifications in CISSP, CISM, ISO 27001:2013 LI/LA and PCI-DSS (QSA) will be an added advantage
• A Second degree is an added advantage
• Minimum of Eight (8) years of relevant IT work experience which may include Information Security, IT Infrastructure Management, IT Vendor Assessment, Development, Production Assurance and/ or IT Governance, Risk and Compliance areas with 2+yrs in Supervisory/Managerial.

How to Apply
Interested and qualified candidates should:
Click here to apply online

Job Title: Infrastructure Security Manager

Reference Number: 130-PEO01133
Location: Nigeria
Department: People & Change Nigeria
Job type: Permanent

Roles & Responsibilities

• Responsible for enforcing procedures, standards and best practices across all the Organisation’s systems, network, databases, endpoints and mobile devices
• Responsible for establishing security baselines for servers, network, databases and endpoints
• Conduct quarterly vulnerability assessment scans across all Organisation’s subnets.
• Perform quarterly validation and reviews of the IT asset register
• Perform infrastructure security assessment and reviews for new deployments to production environments and assist in the compilation of an IT asset register.
• Conduct review of Endpoints to identify security configuration deviations from established security baselines
• Conduct reviews of databases to identify deviations from established security baselines
• Perform quarterly review of User Access rights and privileges to infrastructure systems
• Provide oversight responsibility and thought leadership with regards the implementation, operation and maintenance of technical controls to address risks associated with the use of privilege accounts
• Responsible for the implementation and operation of a mobile device management (MDM) solution to safeguard company data on mobile devices
• Responsible for the implementation and operation of a database activity monitoring (DAM) and Privilege Access Management (PAM) solutions to monitor the activities of DBAs on critical database systems and privilege users on Organisation’s systems and networks
• Liaise with the respective IT teams to ensure AD clean-up activities and the enterprise roll out of security patches across all systems and network devices.
• Liaise with the respective IT teams and service providers to ensure quarterly reviews of firewall rules
• Participate in all architecture reviews and discussions on the deployment of enterprise solutions across the bank
• Manage the Organisation’s Antivirus platform and ensure all endpoints and windows based servers have antivirus agents that are installed and are receiving virus definition files regularly from the antivirus server
• Perform other duties as assigned by the CISO or his designate.

Requirements

• A minimum of a degree in Computer Science / Engineering , Information Technology, Electrical Engineering or a related field from a recognised University.Minimum Professional Certifications in CISM, CRISC, CISA or ISSP.
• A Second degree is an added advantage
• Minimum of Eight (8) years of relevant IT work experience which may include Information Security, IT Infrastructure Management, IT Vendor Assessment, Risk and Compliance areas with 2+yrs in Supervisory/Managerial role.

How to Apply
Interested and qualified candidates should:
Click here to apply online

Job Title: Information Risk Management & Policy Development Manager

Reference Number: 130-PEO01136
Location: Nigeria
Department: People & Change Nigeria
Job type: Permanent

Roles & Responsibilities

• Responsible for the development, review and implementation Information security policies, procedures and standards to meet compliance requirements
• Develop and Implement an Information Risk Management program based on established best practice
• Conduct Regular risk identification and assessments of technology environments to identify significant technology related risks
• Conducts risk assessments on third party service providers
• Capture, maintain and monitor an information security risk register and assist in the information classification process for the entire Organisation
• Provide control recommendations for the various information classification levels.
• Conduct Risk assessments for technology projects and assist in establishing control measures to mitigate risks to an acceptable level
• Participate in the design and implementation of infrastructure and applications security solutions
• Develop and improve an information security awareness and training program and implement an automated platform for its delivery across the Organisation

Requirements

• A minimum of a degree in Computer Science / Engineering, Information Technology, Electrical Engineering or a related field of study from a recognised University
• Minimum Professional Certifications in: CISSP, CISM, CISA or CRISC
• A Second degree is an added advantage
• Minimum of Eight (8) years post qualification experience which may include Information Security, IT Infrastructure Management, IT Vendor Assessment, IT Infrastructure Management, IT Vendor Assessment, IT Governance, Risk and Compliance areas with two (2) years’ experience in Supervisory/Managerial role.

How to Apply
Interested and qualified candidates should:
Click here to apply online

Job Title: Application Security Manager

Reference Number: 130-PEO01134
Location: Nigeria
Department: People & Change Nigeria
Job type: Permanent

Roles & Responsibilities

• Develop and maintain application security baseline and standards across all applications within the Organisation.
• Responsible for enforcing application security controls in line with PCI DSS and ISO 27001 standards.
• Conduct risk assessments on in house and third-party applications.
• Responsible for ensuring all newly deployed applications into production environments are adequately tested and critical vulnerabilities observed are properly addressed before Go-Live.
• Conduct Static Code Reviews and security testing from design stage of new application development to ensure vulnerabilities are identified and corrected at the early stage of the development lifecycle.
• Conduct regular dynamic application security testing on production applications to identify and facilitate remediation of vulnerabilities.
• Responsible for integrating security tools, standards and processes into the software development lifecycle (SDLC) and DevOps frameworks.
• Provide security framework for application related projects and liaise with stakeholders to improve secure coding development standards across the organisation.
• Develop a framework for testing third party Application programming interfaces (APIs) and their integration with applications within the organisation’s environment.

Requirements

• A minimum of a degree in Computer Science / Engineering , Information Technology, Electrical Engineering or a related field from a recognized University.
• Professional Certifications in CISSP or CISM will be an added advantage.
• A Second degree is an added advantage
• Minimum of Eight (8) years of relevant IT work experience which may include Information Security, IT Infrastructure Management, IT Vendor Assessment and over two (2) years in a managerial role
• A must have experience in writing and testing web applications and web services in the following programming languages – C++, Java and JavaScript.

How to Apply
Interested and qualified candidates should:
Click here to apply online

Job Title: Security Operations Center (SOC) and Incident Response Manager

Reference Number: 130-PEO01132
Location: Nigeria
Department: People & Change Nigeria
Job type: Permanent

Roles & Responsibilities

• Lead and manage Organisation’s Security Operations Center (SOC).
• Responsible for incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
• Responsible for compliance to SLA, process adherence and process optimization to achieve the SOC’s operational objectives
• Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center
• Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring
• Responsible for integration of standard and non-standard logs into SIEM
• Creation of reports, dashboards, metrics for SOC operations and presentation to
• Executive Management and Cyber and Information security risk management (CISRM) committee
• Develop and maintain an incidence response program/plan consistent with incident response management processes and standards.
• Build run books for the management of security incidents within the Organisation
• Work with other SOC analysts to create security-related rules to provide alerts on any suspicious activities
• Conduct periodic threat simulation activities to evaluate the adequacy of deployed detective controls
• Establish and maintain a database of detected and reported information security incidents
• Provide support for forensic investigations related to Information security incidents and develop and share security event logging requirements with infrastructure and applications teams
• Liaise with stakeholders for timely isolation, containment and remediation of Indicators of Compromise (IOCs) related to validated threat intelligence information
• Perform other duties as assigned by the CISO or his designate.

Requirements

• A minimum of a degree in Computer Science / Engineering, Information Technology, Electrical Engineering or a related field of study from a recognised University
• Professional Certifications such as CISSP, CISM, CEH or GCIH will be an added advantage
• A Second degree is an added advantage
• Minimum of Eight (8) years of relevant IT work experience which may include Information Security, IT Infrastructure Management, IT Vendor Assessment and over two (2) years in a managerial role.

How to Apply
Interested and qualified candidates should:
Click here to apply online